They focused on the Texas Instruments DST80 encryption, found in the immobilisers of cars from various manufacturers. In some Toyota vehicles, the encryption key was based on a serial number also broadcast with the fob signal significantly reducing the number of random bits a hacker would need to run through in order to find the key. Some Kia and Hyundai cars use 24 random bits of protection, although the DST80 system supports 80 bits.
This would require the attacker to come close to the legitimate fob, scan it with their own RFID device and then use this information to determine the encryption key and clone it with the same RFID device. This device could then be used to disable the immobiliser. With the immobiliser disabled, the only obstacle preventing the attacker from starting the engine would be the ignition barrel key slot , which can be defeated with tried-and-tested hot-wiring techniques.
However, further models could be affected. Although the Tesla S previously had the same vulnerability, Tesla has since updated its firmware. The researchers told Wired that this was the only model they had identified as being at risk which had the capability to fix the issue. Toggle navigation Menu. Image credit: Dreamstime. EVs broadly backed at COP26, but major markets and makers missing. Sponsored webinar. They offer luxury, convenience and a host of features that connect the car to cloud data and other Internet-connected services.
Many motorists who use these systems on a regular basis likely take them for granted without realizing how they work. Millions of cars on the Internet running the same software means a single exploit can affect millions of vehicles simultaneously, according to the report. Security comes from keeping things simple. The more complex you make it, the more someone will be able to get in the back door.
One of the engineers quoted in the report said cyberattacks could be reduced by maintaining a physical separation between Internet-connected components and safety-critical components. The report includes disclosures to investors from several automakers, who acknowledge cyberattacks are a real threat. Ford and its suppliers and dealers have already been the target of attacks and more are likely to occur in the future, the automaker said.
0コメント